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Amendments to the Claims: 

Please amend the claims as follows: 
1-37. (canceled) 

38. (original) In a computer system comprising a token communicatively 
connected to a provider, a method of authenticating a user to use a system, comprising: 
generating, by the token, a random value; 

sending, by the token, the random value, a token ID, and a salt value to the 
provider; 

providing, by the user, a user password to the provider; 
generating, by the provider, a derived key based at least in part on the salt value 
and the password; 

applying, by the provider, a first key-based hash algorithm, using the derived key, 
to the token ID to provide a first hash value; 

generating, by the provider, a first challenge data instance based at least in part on 
the random value and the first hash value; 

sending, by the provider, the first challenge data instance to the token; 

generating, by the provider, a token unlock key based at least in part on the 
derived key; 

sending, by the provider, the token unlock key to the token; 
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generating, by the token, a second challenge data instance based at least in part on 
the random value and a second hash value, wherein the second hash value is stored on the 
token and is based on the token ID; 

determining, by the token, whether the first and second challenge data instances 

match; 

terminating, by the token, the method, if the first and second challenge data 
instances are determined not to match; and 

if the first and second challenge data instances are determined to match, then 
establishing an encrypted data transfer system between the token and the 
provider, 

unlocking with the token unlock key, by the token, locked first private data 

stored on the token, and 
authenticating the user for secured use of the system based at least in part on 

the unlocked first private data. 

39. (original) The method of claim 38, wherein the derived key is generated with 
a password-based encryption algorithm. 

40. (original) The method of claim 39, wherein the password-based encryption 
algorithm is based at least in part on PKCS #5. 
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41 . (original) The method of claim 38, wherein the first hash algorithm is a hash 
function-based message authentication code. 

42. (original) The method of claim 38, wherein generating the token unlock key 
includes hashing the derived key to provide the token unlock key. 

43. (original) The method of claim 38, wherein generating the first challenge data 
instance includes mathematically binding together the first hash value and the random 
value to provide the first challenge data instance. 

44. (original) The method of claim 38, wherein 

generating the first challenge data instance comprises mathematically binding 
together the first hash value and the random value to provide the first challenge data 
instance; and 

generating the second challenge data instance comprises mathematically binding 
together the second hash value and the random value to provide the second challenge data 
instance. 

45. (original) The method of claim 38, wherein 

generating the first challenge data instance comprises mathematically binding 
together the first hash value and the random value to provide a first resulting value, and 
hashing the first resulting value to provide the first challenge data instance; and 
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generating the second challenge data instance comprises mathematically binding 
together the second hash value and the random value to provide a second resulting value, 
and hashing the second resulting value to provide the second challenge data instance. 

46. (original) The method of claim 38, wherein establishing the encrypted data 
transfer system comprises generating, by at least one of the token and the provider, a 
shared key. 

47. (original) The method of claim 46, wherein the shared key is a shared session 

key. 

48. (original) The method of claim 46, wherein the shared key is generated based 
at least in part on shared data that includes a Diffie-Hellman parameter set. 

49. (original) The method of claim 38, further comprising: 

combining, by the provider, a message and a present message value to provide a 
modified message; 

encrypting, by the provider, the modified message, using a shared key, to provide 
an encrypted message; 

combining, by the provider, the modified message and the random value to 
provide a first pre-hash value; 
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applying, by the provider, the first key-based hash algorithm, using the first hash 
value, to the first pre-hash value to provide a third hash value; 

combining, by the provider, the encrypted message and the third hash value to 
provide a signed message; 

sending, by the provider, the signed message to the token; 

extracting, by the token, the encrypted message and the third hash value firom the 
signed message received fi-om the provider; 

decrypting, by the token, the encrypted message, using the shared key to provide 
the modified message; 

extracting, by the token, the message and the present message value fi-om the 
decrypted encrypted message; 

combining, by the token, the message, the present message value, and the random 
value to provide a second pre-hash value; 

applying, by the token, the first key-based hash algorithm, using the second hash 
value, to the second pre-hash value to provide a signing hash value; and 

validating, by the token, the message, if the signing hash value and the third hash 
value match and the present message value is greater than a prior message value stored 
on the token. 

50. (original) The method of claim 38, further comprising 
combining, by the token, a message and a present message value to provide a 
modified message; 
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encrypting, by the token, the modified message, using a shared key, to provide an 
encrypted message; 

combining, by the token, the modified message and the random value to provide a 
first pre-hash value; 

applying, by the token, the first key-based hash algorithm, using the second hash 
value, to the first pre-hash value to provide a third hash value; 

combining, by the token, the encrypted message and the third hash value to 
provide a signed message; 

sending, by the token, the signed message to the provider; 

extracting, by the provider, the encrypted message and the third hash value fi"om 
the signed message received firom the token; 

decrypting, by the provider, the encrypted message, using the shared key to 
provide the modified message; 

extracting, by the provider, the message and the present message value fi-om the 
decrypted encrypted message; 

combining, by the provider, the message, the present message value, and the 
random value to provide a second pre-hash value; 

applying, by the provider, the first key-based hash algorithm, using the first hash 
value, to the second pre-hash value to provide a signing hash value; and 

vahdating, by the provider, the message, if the signing hash value and the third 
hash value match and the present message value is greater than a prior message value 
stored on the provider. 
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51. (original) The method of claim 38, wherein unlocking the locked first private 
data comprises decrypting the locked first private data with the token unlock key. 

52. (original) The method of claim 38, 

wherein the unlocked first private data includes at least one user credential 
associated with the user; and 

wherein authenticating the user includes providing at least one of the at least one 
user credential to the system to grant the user cryptographic reading authority. 

53. (original) The method of claim 38, 

wherein the unlocked private data includes at least one user credential associated 
with the user, and 

wherein authenticating the user includes providing at least one of the at least one 
user credential to the system to grant the user cryptographic writing authority. 

54. (original) The method of claim 38, wherein the system fiirther comprises a 
biometric reader commxmicatively connected to the provider, the locked first private data 
includes an encrypted biometric template, and the method fiirther comprises: 

sending, by the token, the encrypted biometric template to the provider; 
decrypting, by the provider, the encrypted biometric template with the derived 

key; 



Preliminary Amendment 

STSNP54 

PCT/US03/02931 



Page 10 



providing, by the user, a biometric sample via the biometric reader to the 
provider; 

determining, by the token, whether the biometric sample corresponds to the 
decrypted biometric template; 

terminating the method, by the provider, if the biometric sample is determined not 
to correspond to the decrypted biometric template; 

if the biometric sample is determined to correspond to the decrypted biometric 
template, 

applying, by the provider, one of the first key-based algorithm and a second 
key-based algorithm, using the derived key, to the decrypted biometric 
template to provide a third hash value, 
generating, by the provider, a third challenge data instance based at least in 

part on the third hash value and the random value, and 
sending, by the provider, the third challenge data instance to the token; 
generating, by the token, a fourth challenge data instance based at least in part on 
the random value and a fourth hash value, wherein the fourth hash value is stored on the 
token and is based on the biometric template; 

determining, by the token, whether the third and fourth challenge data instances 

match; 

terminating, by the token, the method if the third and fourth challenge data 
instances are determined not to match; and 
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if the third and fourth challenge data instances are determined to match, unlocking 
with at least a portion of the imlocked first private data, by the token, locked second 
private data stored on the token; 

wherein authenticating the user for secured use of the system further requires that 
the third and fourth data instances are determined to match. 

55. (original) The method of claim 38, wherein the system further comprises a 
biometric reader conmiunicatively connected to the token, the locked first private data 
includes an encrypted biometric template, and the method further comprises: 

providing, by the user, a biometric sample via the biometric reader to the token; 

decrypting, by the token, the encrypted biometric template with the derived key; 

determining, by the token, whether the biometric sample corresponds to the 
decrypted biometric template; 

terminating the method, by the token, if the biometric sample is determined not to 
correspond to the decrypted biometric template; and 

if the biometric sample is determined to correspond to the decrypted biometric 
template, unlocking, by the token, with at least a portion of the unlocked first private 
data, locked second private data stored on the token; 

wherein authenticating the user for secured use of the system further requires that 
the biometric sample is determined to correspond to the decrypted biometric template. 
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56. (original) The method of claim 55, wherein the biometric reader is integral 
with the token. 

57. (original) The method of claim 38, wherein establishing the encrypted data 
transfer system comprises encrypting messages exchanged between the token and the 
provider with an encryption key. 

58. (original) The method of claim 57, further comprising: 

sending, by the token, an encrypted instance of the encryption key and an 
encrypted user profile associated with the user to the provider; 

applying, by the provider, a key derivation function to the derived key and the 
first hash value to provide a cryptographic key; 

decrypting, by the provider, the encrypted instance of the encryption key; 

decrypting, by the provider, the encrypted profile with the encryption key; and 

providing, by the provider, the decrypted user credential to the system to grant the 
user at least one of cryptographic reading authority and cryptographic writing authority. 

59. (original) In a computer system comprising a token commimicatively 
connected to a provider, a method of authenticating a user to use a system, comprising: 

sending, by the token, a token ID, a saU value, an encrypted encryption key, and 
an encrypted user profile to the provider; 

providing, by the user, a user password to the provider; 
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generating, by the provider, a derived key based at least in part on the salt value 
and the password; 

applying, by the provider, a first key-based hash algorithm, using the derived key, 
to the token ID to provide a first hash value; 

applying, by the provider, a key derivation function to the derived key and the 
first hash value to provide a cryptographic key; 

decrypting, by the provider, the encrypted instance of the encryption key; 

decrypting, by the provider, the encrypted profile with the encryption key; and 

providing, by the provider, the decrypted user credential to the system to grant the 
user at least one of cryptographic reading authority and cryptographic writing authority. 



